[PATCH 1/8] g10/decrypt-data: use fill_buffer in more places

Werner Koch wk at gnupg.org
Wed Nov 7 20:49:29 CET 2018

On Wed,  7 Nov 2018 18:38, jussi.kivilinna at iki.fi said:

> Should I push this patch set to new branch in gnupg repo?

Just go ahead and push it directly to master.

> I've also looked at disabling extra hash contexts when decrypting
> non-signed files. Could those contexts be disabled when any AEAD or
> MDC encrypted packet is seen? Such patch would look something this:

While looking at your patches I was reminded to check whether we have
some useless hash context running. 

> +    unsigned int seen_encrypted_mdc:1; /* Any PKT_ENCRYPTED_MDC packet seen */
> +    unsigned int seen_encrypted_aead:1; /* Any PKT_ENCRYPTED_AEAD packet seen */

There is either one MDC packet or one AEAD packet.

> -  if (!any && !opt.skip_verify)
> +  if (!any && !opt.skip_verify && !c->any.seen_encrypted_mdc &&
> +      !c->any.seen_encrypted_aead)
>      {
>        /* This is for the old GPG LITERAL+SIG case.  It's not legal
>           according to 2440, so hopefully it won't come up that often.

For sure this is not possible with AEAD.  With MDC it is unlikely but I
think we should not touch that case given that the goal is to fade out
the use of MDC.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20181107/d3bac5bf/attachment.sig>

More information about the Gnupg-devel mailing list